Provided by: libreswan_5.2-2.2ubuntu1_amd64 bug

NAME
       ipsec-add - Add a connection specification to pluto internal database from /etc/ipsec.conf


SYNOPSIS

       ipsec add [connection | --checkconfig] [--dry-run] [--config /etc/ipsec.conf]
                 [--ctlsocket /run/pluto/pluto.ctl]


DESCRIPTION
       ipsec add connection adds a connection specification from /etc/ipsec.conf to internal database within
       pluto, The Libreswan IKE daemon. If there already was connection specification with same connectionname,
       old tunnels are torn down and new specification replaces old one.

       This only adds the connection specification making it possible for remote to connect. To establish the
       connection you need to use ipsec up connection or to do both add and up with one run you can use ipsec
       start connection.

       Note: you might also need to run ipsec rereadsecrets when your new connection uses pre-shared key (PSK)
       authentication, authby=secret because secrets keys are only being read at startup.

       With ipsec add --checkconfig you can validate your configuration file. This will return 0 if config was
       valid. Optionally you can add --verbose for more detailed analysis.

       With --dry-run the underlying whack or addconn command is displayed but not executed.


SEE ALSO
       ipsec.conf(5), ipsec(8), ipsec-algparse(8), ipsec-briefconnectionstatus(8), ipsec-briefstatus(8), ipsec-
       certutil(8), ipsec-checkconfig(8), ipsec-checknflog(8), ipsec-checknss(8), ipsec-connectionstatus(8),
       ipsec-crlutil(8), ipsec-delete(8), ipsec-down(8), ipsec-ecdsasigkey(8), ipsec-fetchcrls(8), ipsec-
       fipsstatus(8), ipsec-globalstatus(8), ipsec-import(8), ipsec-initnss(8), ipsec-letsencrypt(8), ipsec-
       listall(8), ipsec-listcacerts(8), ipsec-listcerts(8), ipsec-listcrls(8), ipsec-listen(8), ipsec-
       listpubkeys(8), ipsec-modutil(8), ipsec-newhostkey(8), ipsec-ondemand(8), ipsec-pk12util(8), ipsec-
       pluto(8), ipsec-purgeocsp(8), ipsec-redirect(8), ipsec-replace(8), ipsec-rereadall(8), ipsec-
       rereadcerts(8), ipsec-rereadsecrets(8), ipsec-restart(8), ipsec-route(8), ipsec-rsasigkey(8), ipsec-
       setup(8), ipsec-showhostkey(8), ipsec-showroute(8), ipsec-showstates(8), ipsec-shuntstatus(8), ipsec-
       start(8), ipsec-status(8), ipsec-stop(8), ipsec-trafficstatus(8), ipsec-unroute(8), ipsec-up(8), ipsec-
       vfychain(8), ipsec-whack(8)


BUGS
       none


AUTHOR
       Tuomo Soini

Libreswan 5.2                                      07/30/2025                                       IPSEC-ADD(8)